File name: | psiphon3.exe |
Full analysis: | https://app.any.run/tasks/dc588b2b-e948-47fc-8b2f-8666d1529a00 |
Verdict: | Malicious activity |
Analysis date: | August 13, 2019, 15:06:07 |
OS: | Windows 7 Professional Service Pack 1 (build: 7601, 32 bit) |
Indicators: | |
MIME: | application/x-dosexec |
File info: | PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed |
MD5: | 16B965CB5539F58B273CB327C88524D8 |
SHA1: | 54CCC518F4C032909211229DED7A7B63F19B28E0 |
SHA256: | 7D364BB999BD7CF126F5AE35C7CC80DE32A112BAFB8CFA7D4F0533348949B994 |
SSDEEP: | 98304:T5XQQR6sdk08XmikVoyr3ob7qMK+Mg7kgFbMQptxiBmiKj8uuYZT+hBJ:T5XQQR6ok8ikgb6XqbXxamisuY9CBJ |
.exe | | | UPX compressed Win32 Executable (43.5) |
---|---|---|
.exe | | | Win32 EXE Yoda's Crypter (42.7) |
.exe | | | Win32 Executable (generic) (7.2) |
.exe | | | Generic Win/DOS Executable (3.2) |
.exe | | | DOS Executable Generic (3.2) |
Subsystem: | Windows GUI |
---|---|
SubsystemVersion: | 5.1 |
ImageVersion: | - |
OSVersion: | 5.1 |
EntryPoint: | 0x11467e0 |
UninitializedDataSize: | 11902976 |
InitializedDataSize: | 90112 |
CodeSize: | 6209536 |
LinkerVersion: | 14 |
PEType: | PE32 |
TimeStamp: | 2019:08:09 02:59:44+02:00 |
MachineType: | Intel 386 or later, and compatibles |
Architecture: | IMAGE_FILE_MACHINE_I386 |
---|---|
Subsystem: | IMAGE_SUBSYSTEM_WINDOWS_GUI |
Compilation Date: | 09-Aug-2019 00:59:44 |
Detected languages: |
|
Magic number: | MZ |
---|---|
Bytes on last page of file: | 0x0090 |
Pages in file: | 0x0003 |
Relocations: | 0x0000 |
Size of header: | 0x0004 |
Min extra paragraphs: | 0x0000 |
Max extra paragraphs: | 0xFFFF |
Initial SS value: | 0x0000 |
Initial SP value: | 0x00B8 |
Checksum: | 0x0000 |
Initial IP value: | 0x0000 |
Initial CS value: | 0x0000 |
Overlay number: | 0x0000 |
OEM identifier: | 0x0000 |
OEM information: | 0x0000 |
Address of NE header: | 0x00000120 |
Signature: | PE |
---|---|
Machine: | IMAGE_FILE_MACHINE_I386 |
Number of sections: | 3 |
Time date stamp: | 09-Aug-2019 00:59:44 |
Pointer to Symbol Table: | 0x00000000 |
Number of symbols: | 0 |
Size of Optional Header: | 0x00E0 |
Characteristics: |
|
Name | Virtual Address | Virtual Size | Raw Size | Charateristics | Entropy |
---|---|---|---|---|---|
UPX0 | 0x00001000 | 0x00B5A000 | 0x00000000 | IMAGE_SCN_CNT_UNINITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE | 0 |
UPX1 | 0x00B5B000 | 0x005EC000 | 0x005EBC00 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE | 7.9305 |
.rsrc | 0x01147000 | 0x00016000 | 0x00015C00 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE | 7.48738 |
Title | Entropy | Size | Codepage | Language | Type |
---|---|---|---|---|---|
1 | 4.91161 | 381 | UNKNOWN | English - United States | RT_MANIFEST |
2 | 4.0192 | 744 | UNKNOWN | English - United States | RT_ICON |
3 | 5.62289 | 1384 | UNKNOWN | English - United States | RT_ICON |
4 | 5.86281 | 2216 | UNKNOWN | English - United States | RT_ICON |
5 | 5.32737 | 3752 | UNKNOWN | English - United States | RT_ICON |
6 | 5.87817 | 1128 | UNKNOWN | English - United States | RT_ICON |
7 | 5.80197 | 66 | UNKNOWN | English - United States | RT_STRING |
8 | 4.79539 | 9640 | UNKNOWN | English - United States | RT_ICON |
9 | 7.96592 | 19543 | UNKNOWN | English - United States | RT_ICON |
10 | 7.94804 | 41745 | UNKNOWN | English - United States | RT_ICON |
ADVAPI32.dll |
COMCTL32.dll |
CRYPT32.dll |
GDI32.dll |
KERNEL32.DLL |
OLEAUT32.dll |
RASAPI32.dll |
SHELL32.dll |
SHLWAPI.dll |
USER32.dll |
PID | CMD | Path | Indicators | Parent process |
---|---|---|---|---|
304 | "C:\Users\admin\AppData\Local\Temp\psiphon3.exe" | C:\Users\admin\AppData\Local\Temp\psiphon3.exe | explorer.exe | |
User: admin Integrity Level: MEDIUM | ||||
3376 | C:\Users\admin\AppData\Local\Temp\psiphon-tunnel-core.exe --config "C:\Users\admin\AppData\Roaming\Psiphon3\psiphon.config" --serverList "C:\Users\admin\AppData\Roaming\Psiphon3\server_list.dat" | C:\Users\admin\AppData\Local\Temp\psiphon-tunnel-core.exe | psiphon3.exe | |
User: admin Integrity Level: MEDIUM | ||||
2628 | "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\WININET.dll",DispatchAPICall 1 | C:\Windows\system32\rundll32.exe | — | psiphon3.exe |
User: admin Company: Microsoft Corporation Integrity Level: LOW Description: Windows host process (Rundll32) Exit code: 0 Version: 6.1.7600.16385 (win7_rtm.090713-1255) | ||||
388 | "C:\Program Files\Internet Explorer\iexplore.exe" https://ipfounder.net/?sponsor_id=1BC527D3D09985CF&sponsor=psiphon&client_region=NO&client_platform=windows&secret=580EfjEI29xL3hoyU6dgP4vSEVxdcGI7JDFkxgjds7PHulSEF0wmORpvzbqxyTwYtpowsY4xMFnfWEnTghe6l8jiV9K5QSZoir2i6fDeKJD6EhL6DkoYTEMu2EE9YJvy3LdCUZ7ncdVC6ipgWx06wznvDLbY1ajfcfRGCpfsQJei2q6tb0GSFh1QK3x3qXKwyjmNPc5J | C:\Program Files\Internet Explorer\iexplore.exe | psiphon3.exe | |
User: admin Company: Microsoft Corporation Integrity Level: MEDIUM Description: Internet Explorer Version: 8.00.7600.16385 (win7_rtm.090713-1255) | ||||
1252 | "C:\Program Files\Internet Explorer\iexplore.exe" SCODEF:388 CREDAT:71937 | C:\Program Files\Internet Explorer\iexplore.exe | iexplore.exe | |
User: admin Company: Microsoft Corporation Integrity Level: LOW Description: Internet Explorer Version: 8.00.7600.16385 (win7_rtm.090713-1255) | ||||
3740 | C:\Windows\system32\Macromed\Flash\FlashUtil32_26_0_0_131_ActiveX.exe -Embedding | C:\Windows\system32\Macromed\Flash\FlashUtil32_26_0_0_131_ActiveX.exe | — | svchost.exe |
User: admin Company: Adobe Systems Incorporated Integrity Level: MEDIUM Description: Adobe® Flash® Player Installer/Uninstaller 26.0 r0 Version: 26,0,0,131 |
(PID) Process: | (304) psiphon3.exe | Key: | HKEY_CURRENT_USER\Software\Psiphon3 |
Operation: | write | Name: | SkipBrowser |
Value: 0 | |||
(PID) Process: | (304) psiphon3.exe | Key: | HKEY_CURRENT_USER\Software\Psiphon3 |
Operation: | write | Name: | SkipProxySettings |
Value: 0 | |||
(PID) Process: | (304) psiphon3.exe | Key: | HKEY_CURRENT_USER\Software\Psiphon3 |
Operation: | write | Name: | SkipAutoConnect |
Value: 0 | |||
(PID) Process: | (304) psiphon3.exe | Key: | HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap |
Operation: | write | Name: | UNCAsIntranet |
Value: 0 | |||
(PID) Process: | (304) psiphon3.exe | Key: | HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap |
Operation: | write | Name: | AutoDetect |
Value: 1 | |||
(PID) Process: | (304) psiphon3.exe | Key: | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\psiphon3_RASAPI32 |
Operation: | write | Name: | EnableFileTracing |
Value: 0 | |||
(PID) Process: | (304) psiphon3.exe | Key: | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\psiphon3_RASAPI32 |
Operation: | write | Name: | EnableConsoleTracing |
Value: 0 | |||
(PID) Process: | (304) psiphon3.exe | Key: | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\psiphon3_RASAPI32 |
Operation: | write | Name: | FileTracingMask |
Value: 4294901760 | |||
(PID) Process: | (304) psiphon3.exe | Key: | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\psiphon3_RASAPI32 |
Operation: | write | Name: | ConsoleTracingMask |
Value: 4294901760 | |||
(PID) Process: | (304) psiphon3.exe | Key: | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\psiphon3_RASAPI32 |
Operation: | write | Name: | MaxFileSize |
Value: 1048576 |
PID | Process | Filename | Type | |
---|---|---|---|---|
388 | iexplore.exe | C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LH043OAM\favicon[1].ico | — | |
MD5:— | SHA256:— | |||
388 | iexplore.exe | C:\Users\admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico | — | |
MD5:— | SHA256:— | |||
1252 | iexplore.exe | C:\Users\admin\AppData\Roaming\Microsoft\Windows\Cookies\Low\admin@ipfounder[1].txt | — | |
MD5:— | SHA256:— | |||
304 | psiphon3.exe | C:\Users\admin\AppData\Roaming\Psiphon3\psiphon.config | text | |
MD5:C122C17B48F04D3E6A28A6B218A451E5 | SHA256:920C1C27F9D670B7D89DACC8F23F0F9ECBF4833F3291157C743A2E880B1847EC | |||
304 | psiphon3.exe | C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LH043OAM\main[1] | html | |
MD5:29FA264CB54DF50DF777F2F4F6154A1C | SHA256:8CAAAAE2AA224FFEC4F598A7AD44236B3F65BC4089C3CC0492C31D5A448D3DA0 | |||
304 | psiphon3.exe | C:\Users\admin\AppData\Roaming\Psiphon3\server_list.dat | text | |
MD5:72DCAD760A5687FBFD219DDB0600E752 | SHA256:6FCDC2A54CB8F79A48E3CF1941F1C6049F7E5080781F0F0EAD339B979E46DA4B | |||
304 | psiphon3.exe | C:\Users\admin\AppData\Local\Temp\psiphon-tunnel-core.exe | executable | |
MD5:A33148C5FF0767F91BFBAF81418FC81F | SHA256:AD17FAA17E65E4F0ED96B557754E005B78B18528D54A166D2275E5B39115AACD | |||
304 | psiphon3.exe | C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I0488CJO\flag_unknown_32[1] | image | |
MD5:0E23864908AA82DCFA6CF76BD308A498 | SHA256:2BF319D0025D275DF9DA396E238377460D9B562BB2F11BB0D9DAB23981E79CFD | |||
2628 | rundll32.exe | C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\index.dat | dat | |
MD5:47E6BF24C23879A634F8F2BE358D6664 | SHA256:D27DF37A592BEFB9906EA467502B7820C03A8EBF835216130A2D834695751CBF | |||
1252 | iexplore.exe | C:\Users\admin\AppData\Roaming\Microsoft\Windows\Cookies\Low\index.dat | dat | |
MD5:D161B32FE1F459D8BE8B85A191C33EED | SHA256:CA5E0D0B076491571280D8C0B31554C4D367EE593B2B5B114E09939C407C782F |
PID | Process | Method | HTTP Code | IP | URL | CN | Type | Size | Reputation |
---|---|---|---|---|---|---|---|---|---|
3376 | psiphon-tunnel-core.exe | POST | — | 2.16.186.89:80 | http://www.stealthbuddiesparis.com/ | unknown | — | — | whitelisted |
PID | Process | IP | Domain | ASN | CN | Reputation |
---|---|---|---|---|---|---|
3376 | psiphon-tunnel-core.exe | 151.101.0.179:443 | prod.global.fastly.net | Fastly | US | suspicious |
3376 | psiphon-tunnel-core.exe | 77.68.40.67:443 | — | 1&1 Internet SE | GB | unknown |
3376 | psiphon-tunnel-core.exe | 87.101.94.42:22 | — | — | — | suspicious |
3376 | psiphon-tunnel-core.exe | 104.18.152.190:443 | — | Cloudflare Inc | US | shared |
3376 | psiphon-tunnel-core.exe | 45.33.13.15:443 | — | Linode, LLC | US | unknown |
3376 | psiphon-tunnel-core.exe | 178.79.131.219:443 | — | Linode, LLC | GB | unknown |
3376 | psiphon-tunnel-core.exe | 151.101.1.194:443 | prod.global.ssl.fastly.net | Fastly | US | malicious |
3376 | psiphon-tunnel-core.exe | 37.46.114.57:443 | — | AltusHost B.V. | BG | unknown |
3376 | psiphon-tunnel-core.exe | 194.79.31.91:22 | — | M247 Ltd | GB | unknown |
3376 | psiphon-tunnel-core.exe | 212.227.200.149:443 | — | 1&1 Internet SE | DE | unknown |
Domain | IP | Reputation |
---|---|---|
prod.global.fastly.net |
| whitelisted |
prod.global.ssl.fastly.net |
| whitelisted |
a1301.g.akamai.net |
| malicious |
Process | Message |
---|---|
psiphon3.exe | Client Version: 145 |
psiphon3.exe | |
psiphon3.exe | {"data":{"data":{"message":"applied [11] parameters with tag ''"},"noticeType":"Info","showUser":false,"timestamp":"2019-08-13T15:06:39.961Z"},"msg":"CoreNotice","timestamp!!timestamp":"2019-08-13T15:06:40.053Z"}
|
psiphon3.exe | |
psiphon3.exe | ":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/bifurcation/mint/syntax":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/cheekybits/genny/generic":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/golang/protobuf/proto":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/grafov/m3u8":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/hashicorp/golang-lru":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/hashicorp/golang-lru/simplelru":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/juju/ratelimit":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/lucas-clemente/aes12":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/lucas-clemente/quic-go":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/lucas-clemente/quic-go-certificates":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/lucas-clemente/quic-go/h2quic":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/lucas-clemente/quic-go/internal/ackhandler":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/lucas-clemente/quic-go/internal/congestion":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/lucas-clemente/quic-go/internal/crypto":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/lucas-clemente/quic-go/internal/flowcontrol":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/lucas-clemente/quic-go/internal/handshake":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/lucas-clemente/quic-go/internal/protocol":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/lucas-clemente/quic-go/internal/utils":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/lucas-clemente/quic-go/internal/wire":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/lucas-clemente/quic-go/qerr":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/refraction-networking/utls":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/refraction-networking/utls/cpu":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/sergeyfrolov/bsbuffer":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/sergeyfrolov/gotapdance/protobuf":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/sergeyfrolov/gotapdance/tapdance":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/sirupsen/logrus":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/zach-klippenstein/goregen":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/golang.org/x/crypto/chacha20poly1305":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/golang.org/x/crypto/cryptobyte":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/golang.org/x/crypto/cryptobyte/asn1":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/golang.org/x/crypto/curve25519":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/golang.org/x/crypto/hkdf":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/golang.org/x/crypto/internal/chacha20":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/golang.org/x/crypto/internal/subtle":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/golang.org/x/crypto/poly1305":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/golang.org/x/crypto/ssh/terminal":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/golang.org/x/net/http/httpguts":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/golang.org/x/net/http2":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/golang.org/x/net/http2/hpack":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/golang.org/x/net/idna":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/golang |
psiphon3.exe | ":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/bifurcation/mint/syntax":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/cheekybits/genny/generic":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/golang/protobuf/proto":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/grafov/m3u8":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/hashicorp/golang-lru":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/hashicorp/golang-lru/simplelru":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/juju/ratelimit":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/lucas-clemente/aes12":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/lucas-clemente/quic-go":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/lucas-clemente/quic-go-certificates":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/lucas-clemente/quic-go/h2quic":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/lucas-clemente/quic-go/internal/ackhandler":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/lucas-clemente/quic-go/internal/congestion":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/lucas-clemente/quic-go/internal/crypto":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/lucas-clemente/quic-go/internal/flowcontrol":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/lucas-clemente/quic-go/internal/handshake":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/lucas-clemente/quic-go/internal/protocol":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/lucas-clemente/quic-go/internal/utils":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/lucas-clemente/quic-go/internal/wire":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/lucas-clemente/quic-go/qerr":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/refraction-networking/utls":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/refraction-networking/utls/cpu":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/sergeyfrolov/bsbuffer":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/sergeyfrolov/gotapdance/protobuf":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/sergeyfrolov/gotapdance/tapdance":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/sirupsen/logrus":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/github.com/zach-klippenstein/goregen":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/golang.org/x/crypto/chacha20poly1305":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/golang.org/x/crypto/cryptobyte":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/golang.org/x/crypto/cryptobyte/asn1":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/golang.org/x/crypto/curve25519":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/golang.org/x/crypto/hkdf":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/golang.org/x/crypto/internal/chacha20":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/golang.org/x/crypto/internal/subtle":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/golang.org/x/crypto/poly1305":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/golang.org/x/crypto/ssh/terminal":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/golang.org/x/net/http/httpguts":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/golang.org/x/net/http2":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/golang.org/x/net/http2/hpack":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/golang.org/x/net/idna":"3119fa5","github.com/Psiphon-Labs/psiphon-tunnel-core/vendor/golang |
psiphon3.exe | |
psiphon3.exe | |
psiphon3.exe | {"data":{"data":{"message":"updated server 185.253.97.20"},"noticeType":"Info","showUser":false,"timestamp":"2019-08-13T15:06:40.100Z"},"msg":"CoreNotice","timestamp!!timestamp":"2019-08-13T15:06:40.154Z"}
|
psiphon3.exe | |